Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

Hey <@U03TRGWBQ4U>, welcome! Let me reference your question here in this channel <https://osquery.slack.com/archives/C08V7KTJB/p1660573026129749>

hey <@U03TRGWBQ4U>, could you give us more details? do you have access to the Windows machines? could you follow the <https://fleetdm.com/docs/deploying/debugging#osquery|osquery section of the debugging docs> in the host machines to try to get some information?

<@U03TRGWBQ4U> Did those Windows hosts show up for you?

Interesting. I did a quick `cURL` on the endpoint and didn't see any redirects. Is it possible to test that on one of the hosts that's showing offline?

```curl -X -iL POST <https://fleet.ze.delivery/api/v1/osquery/enroll> ```
It should result in the following error:

```{
  "message": "Expected JSON Body",
  "errors": [
    {
      "name": "base",
      "reason": "Expected JSON Body"
    }
  ]
}```
Do you see any indication that the requests are making it through to the server in the Fleet logs?

Do those hosts have anything else that sets them apart from the hosts that are responding correctly (AV software, VPN, Firewall settings)?

\* When checking the server logs, you'll see some errors from me pinging the server.